轻松背单词新浪微博 轻松背单词腾讯微博
轻松背单词微信服务号
当前位置:首页 -> 10级英语阅读 - > 手机恶意软件呈指数级增长
手机恶意软件呈指数级增长
添加时间:2016-03-06 17:59:17 浏览次数: 作者:未知
Tip:点击数字可快速查看单词解释  
  • Mobile malware took off in 2011. That is when hackers1 began serious attacks on mobile phones, says David Emm, principal security researcher, at Kaspersky Lab, a cyber security company.

    手机恶意软件从2011年开始迅速发展。网络安全公司卡巴斯基实验室(Kaspersky Lab)的资深安全研究员戴维•埃姆(David Emm)称,当时黑客开始大举攻击手机。

    “At that point, the data became worth stealing, and since then growth has been exponential,” Mr Emm says. He estimates 1m new malicious2 codes were found on devices in 2015. “The actual number of attacks is much bigger than this because each program tends to be used many times.”

    “当时,手机数据变得有盗取价值,从那以后手机恶意软件呈指数级增长,”埃姆称。他估计,2015年期间发现了100万个新的手机恶意代码。“实际攻击次数远大于此,因为每个程序往往被多次使用。”

    Early attacks focused on causing handsets silently to call premium3 rate numbers. Then hackers diversified4 into phishing — creating spoof5 websites that trick people into revealing account numbers and login details.

    早期的攻击方式都集中在导致手机暗中拨打收费高昂的电话号码。后来黑客们转向网络钓鱼——利用诈骗网站诱导人们透露账户号码和登录资料。

    Phishing still accounts for the overwhelming number of attacks on mobiles, says Mr Emm, although ransomware — locking data and demanding payment for its release — is also big, accounting6 for 17 per cent of the total across all platforms, according to Kaspersky’s research.

    埃姆称,尽管网络钓鱼仍然占据对手机攻击的绝大部分,但是勒索软件(锁定数据,要求付款才解锁)的比例也很大。根据卡巴斯基的研究,勒索软件在囊括所有平台的恶意软件中占17%。

    Most phone attacks are on handsets that use the Android operating system because of its large market share and flexible, open technology. Apple’s iPhones use proprietary7 technology which is more difficult to breach8.

    针对手机的多数攻击以搭载Android操作系统的智能手机为目标,原因在于Android巨大的市场份额以及灵活、开放的技术。苹果(Apple) iPhone搭载的系统采用专有技术,攻破难度更大。

    “Android is like having a room with lots of doors as opposed to a cave with a single entrance,” Mr Emm says. But Apple is not immune.

    “Android就像是一个有很多门的房间,而不是只有一个入口的山洞,”埃姆称。但是苹果也并非免疫。

    In 2015, many app developers unwittingly downloaded a malicious version of Xcode — Apple’s official tool for building apps — from a file-sharing website. Among scores of apps infected were WeChat, a messaging app popular in China, and CamCard, a popular business card reader in the US.

    2015年,很多app开发商无意间从文件分享网站下载了恶意版的Xcode(苹果官方制作app的软件工具)。数十款app被感染,其中包括在中国颇受欢迎的即时信息app微信(WeChat)以及美国高人气名片识别软件CamCard。

    Although Apple vets9 the apps sold through its app store, the infected programs were not initially10 detected. They were made available and widely used.

    尽管苹果对在其应用商店(App Store)上架的app进行审查,但是被感染的软件最初没有被探测到。它们被提供下载,并且被广泛使用。

    Mobile phone security is challenging because devices are designed to connect in many different ways, says Ben Johnson, chief security strategist at Carbon Black, a security software company. “Whether it is a text message, email, web browsing11, Bluetooth or near-field communication (NFC) connectivity, each method of communication is a potential attack route.”

    安全软件公司Carbon Black的首席安全策略师本•约翰逊(Ben Johnson)称,由于手机可以通过多种方式连接,手机安全具有较大挑战性。“无论是文本短信、电子邮件、浏览网页、蓝牙还是近距离通信技术(NFC),每一种通信方式都可能成为攻击途径。”

    As human interaction is the main purpose of a mobile device, Mr Johnson adds, there are more chances to trick users. “People are much more likely to click on malicious images or videos sent to a mobile phone than to a PC, because it feels more familiar and natural.”

    约翰逊称,由于人与人之间的交互已经成为移动设备的主要目的,在手机端诱骗用户的机会更多。“与使用电脑相比,人们在手机上点击恶意图片或视频的可能性更高,因为它感觉更熟悉,点起来更顺手。”

    Phones are also often set to connect automatically and display quick preview images, data or text. “This makes it possible to exploit a system without the recipient12 opening or ‘clicking’ anything,” Mr Johnson says.

    此外,手机往往被设置为自动连接以及快速预览图片、信息和短信的模式。“这使得恶意软件可以在接收者不打开或‘点击’的情况下钻系统的空子,”约翰逊称。

    Defending against the most serious attacks is difficult, says Ian Evans, a vice-president and managing director at VMware Airwatch. “If the main source of the threat is a nation state agency, you’re best to just throw your phone away.”

    VMware Airwatch的副总裁兼董事总经理伊恩•埃文斯(Ian Evans)称,很难抵挡那些技术含量最高的攻击。“如果主要的威胁源是某个国家机构,你最好把手机扔了。”

    However, simple steps can help against more common hackers. You should use a passcode or complex PIN on your device to protect it in case of loss or theft, says Mr Evans. “And it is best to avoid connecting to public WiFi networks. If the WiFi is not encrypted, somebody could intercept13 data including passwords. If you have to do so, make sure you always use a virtual private network to connect to sensitive resources.”

    然而,一些简单的步骤可以帮助你应付比较普通的黑客。埃文斯称,你应该在设备上使用通行密码或者设置复杂的个人识别码(PIN),以防手机丢失或被盗。“最好避免连接公共WiFi网络。如果WiFi没有加密,别人可以拦截包括密码在内的个人数据。如果你不得不连接公共WiFi,确保自己总是使用虚拟专用网络(VPN)连接敏感资源。”

    Also, do not “jailbreak” your mobile devices, he says. This is a process whereby users remove operating system restrictions14 so that they can customise their phone and download apps not normally allowed. “Jailbreaking negates15 your warranty16 and exposes you to more potential malware,” says Keiron Shepherd, senior security specialist at F5 Networks, a cyber security company.

    此外,他称,不要把你的移动设备“越狱”——指用户解除操作系统限制,以便对自己的手机进行定制化设置,并下载通常被禁止的app。“越狱意味着放弃你的保修权利,并使手机暴露于更多的潜在恶意软件,”网络安全公司F5 Networks的高级安全专家吉仑•谢泼德(Keiron Shepherd)称。

    Phones with hardware-based encryption tend to offer stronger protection than software encryption, says Mr Evans. “The encryption key is stored on a chip, which acts like a safe.” But Android handsets continue to lack dependable hardware-based encryption, Mr Evans says.

    埃文斯称,硬件加密对手机的保护往往强于软件加密。“加密密钥存储于芯片中,就像保险箱一样。”但据他介绍,Android手机仍然缺少可靠的硬件加密手段。

    Sometimes phones are compromised during production, as happened in 2014 when a factory-installed “Trojan horse” was found on the Star N9500 Android smartphone, made in China and sold by companies such as Amazon and eBay. It enabled hackers to operate the phone remotely and, being embedded17 at the factory, could not be removed.

    有时,手机在生产过程中就已经被植入了恶意软件,就像2014年Star N9500智能手机被发现预装了“特洛伊木马”一样。该款Android手机在中国制造,在亚马逊(Amazon)和eBay等平台出售。黑客可以通过木马远程操控手机,而木马嵌入工厂预装的软件中,无法清除。

    The next battleground between hackers and phone owners will be biometric data such as thumbprints, iris18 or voice profile. At present, hackers rarely use biometrics to circumnavigate security because there are many easier paths, says Mr Shepherd. “This is likely to change. The problem is that if your password is discovered you can quickly change it, whereas once biometric data are compromised, that’s it.”

    黑客与手机用户之间的下一个战场将是生物特征数据,比如拇指纹、虹膜或语音。谢泼德称,目前黑客很少利用生物特征来绕过手机安全屏障,因为还有很多更容易的突破方式。“这种情况很可能会改变。问题是如果你的密码被别人知道了,你可以很快换一个密码,但是一旦生物特征信息被获取,那就完了。”

     10级    双语 


    点击收听单词发音收听单词发音  

    1 hackers ['hækərz] dc5d6e5c0ffd6d1cd249286ced098382   第9级
    n.计算机迷( hacker的名词复数 );私自存取或篡改电脑资料者,电脑“黑客”
    参考例句:
    • They think of viruses that infect an organization from the outside.They envision hackers breaking into their information vaults. 他们考虑来自外部的感染公司的病毒,他们设想黑客侵入到信息宝库中。 来自《简明英汉词典》
    • Arranging a meeting with the hackers took weeks againoff-again email exchanges. 通过几星期电子邮件往来安排见面,他们最终同意了。 来自互联网
    2 malicious [məˈlɪʃəs] e8UzX   第9级
    adj.有恶意的,心怀恶意的
    参考例句:
    • You ought to kick back at such malicious slander. 你应当反击这种恶毒的污蔑。
    • Their talk was slightly malicious. 他们的谈话有点儿心怀不轨。
    3 premium [ˈpri:miəm] EPSxX   第7级
    n.加付款;赠品;adj.高级的;售价高的
    参考例句:
    • You have to pay a premium for express delivery. 寄快递你得付额外费用。
    • Fresh water was at a premium after the reservoir was contaminated. 在水库被污染之后,清水便因稀而贵了。
    4 diversified [daɪ'vɜ:sɪfaɪd] eumz2W   第8级
    adj.多样化的,多种经营的v.使多样化,多样化( diversify的过去式和过去分词 );进入新的商业领域
    参考例句:
    • The college biology department has diversified by adding new courses in biotechnology. 该学院生物系通过增加生物技术方面的新课程而变得多样化。 来自《简明英汉词典》
    • Take grain as the key link, develop a diversified economy and ensure an all-round development. 以粮为纲,多种经营,全面发展。 来自《现代汉英综合大词典》
    5 spoof [spu:f] kGMzz   第12级
    n.诳骗,愚弄,戏弄
    参考例句:
    • The show was a spoof of college life. 那戏是对大学生活的讽刺。
    • That is Tim Robbins's spoof documentary about a presidential campaign. 那是蒂姆·罗宾斯关于总统选举的讽刺纪录片。
    6 accounting [əˈkaʊntɪŋ] nzSzsY   第8级
    n.会计,会计学,借贷对照表
    参考例句:
    • A job fell vacant in the accounting department. 财会部出现了一个空缺。
    • There's an accounting error in this entry. 这笔账目里有差错。
    7 proprietary [prəˈpraɪətri] PiZyG   第9级
    n.所有权,所有的;独占的;业主
    参考例句:
    • We had to take action to protect the proprietary technology. 我们必须采取措施保护专利技术。
    • Proprietary right is the foundation of jus rerem. 所有权是物权法之根基。
    8 breach [bri:tʃ] 2sgzw   第7级
    n.违反,不履行;破裂;vt.冲破,攻破
    参考例句:
    • We won't have any breach of discipline. 我们不允许任何破坏纪律的现象。
    • He was sued for breach of contract. 他因不履行合同而被起诉。
    9 vets [vets] 3e28450179d627638b3132ebb3ba0906   第11级
    abbr.veterans (复数)老手,退伍军人;veterinaries (复数)兽医n.兽医( vet的名词复数 );老兵;退伍军人;兽医诊所v.审查(某人过去的记录、资格等)( vet的第三人称单数 );调查;检查;诊疗
    参考例句:
    • I helped train many young vets and veterinary nurses too. 我还帮助培训了许多年青的兽医和护士。 来自互联网
    • In fact, we've expanded mental health counseling and services for our vets. 实际上,我们已经扩大了退伍军人的心理健康咨询和服务。 来自互联网
    10 initially [ɪˈnɪʃəli] 273xZ   第8级
    adv.最初,开始
    参考例句:
    • The ban was initially opposed by the US. 这一禁令首先遭到美国的反对。
    • Feathers initially developed from insect scales. 羽毛最初由昆虫的翅瓣演化而来。
    11 browsing [b'raʊzɪŋ] 509387f2f01ecf46843ec18c927f7822   第7级
    v.吃草( browse的现在分词 );随意翻阅;(在商店里)随便看看;(在计算机上)浏览信息
    参考例句:
    • He sits browsing over[through] a book. 他坐着翻阅书籍。 来自《简明英汉词典》
    • Cattle is browsing in the field. 牛正在田里吃草。 来自《简明英汉词典》
    12 recipient [rɪˈsɪpiənt] QA8zF   第7级
    adj.接受的,感受性强的 n.接受者,感受者,容器
    参考例句:
    • Please check that you have a valid email certificate for each recipient. 请检查是否对每个接收者都有有效的电子邮件证书。
    • Colombia is the biggest US aid recipient in Latin America. 哥伦比亚是美国在拉丁美洲最大的援助对象。
    13 intercept [ˌɪntəˈsept] G5rx7   第8级
    vt.拦截,截住,截击
    参考例句:
    • His letter was intercepted by the Secret Service. 他的信被特工处截获了。
    • Gunmen intercepted him on his way to the airport. 持枪歹徒在他去机场的路上截击了他。
    14 restrictions [rɪˈstrɪkʃənz] 81e12dac658cfd4c590486dd6f7523cf   第8级
    约束( restriction的名词复数 ); 管制; 制约因素; 带限制性的条件(或规则)
    参考例句:
    • I found the restrictions irksome. 我对那些限制感到很烦。
    • a snaggle of restrictions 杂乱无章的种种限制
    15 negates [nɪˈgeɪts] 348c85532aca5487187dc696780d0bea   第9级
    v.取消( negate的第三人称单数 );使无效;否定;否认
    参考例句:
    • Alcohol negates the effects of the drug. 酒精能使药物失效。
    • The lack of deep hardening in these alloys negates their use. 这些合金缺乏深层硬化能力使它们无法利用。 来自辞典例句
    16 warranty [ˈwɒrənti] 3gwww   第9级
    n.担保书,证书,保单
    参考例句:
    • This warranty is good for one year after the date of the purchase of the product. 本保证书自购置此产品之日起有效期为一年。
    • As your guarantor, we have signed a warranty to the bank. 作为你们的担保人,我们已经向银行开出了担保书。
    17 embedded [em'bedid] lt9ztS   第7级
    a.扎牢的
    参考例句:
    • an operation to remove glass that was embedded in his leg 取出扎入他腿部玻璃的手术
    • He has embedded his name in the minds of millions of people. 他的名字铭刻在数百万人民心中。
    18 iris [ˈaɪrɪs] Ekly8   第12级
    n.虹膜,彩虹
    参考例句:
    • The opening of the iris is called the pupil. 虹膜的开口处叫做瞳孔。
    • This incredible human eye, complete with retina and iris, can be found in the Maldives. 又是在马尔代夫,有这样一只难以置信的眼睛,连视网膜和虹膜都刻画齐全了。

    文章评论 共有评论 0查看全部

      会员登陆
      热门单词标签
    我的单词印象
    我的理解: